Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-06-12	CVE-2017-15123	Missing Authentication for Critical Function vulnerability in Redhat Cloudforms Management Engine A flaw was found in the CloudForms web interface, versions 5.8 - 5.10, where the RSS feed URLs are not properly restricted to authenticated users only. network low complexity redhat CWE-306	5.3
2019-06-11	CVE-2019-0197	HTTP Request Smuggling vulnerability in multiple products A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. network high complexity apache canonical fedoraproject opensuse redhat oracle CWE-444	4.2
2019-06-03	CVE-2019-12614	NULL Pointer Dereference vulnerability in multiple products An issue was discovered in dlpar_parse_cc_property in arch/powerpc/platforms/pseries/dlpar.c in the Linux kernel through 5.1.6. local high complexity linux redhat canonical opensuse fedoraproject CWE-476	4.1
2019-05-23	CVE-2019-5798	Out-of-bounds Read vulnerability in multiple products Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. network low complexity google debian redhat opensuse canonical suse CWE-125	6.5
2019-05-23	CVE-2019-0201	Missing Authorization vulnerability in multiple products An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. network high complexity apache debian redhat oracle netapp CWE-862	5.9
2019-05-15	CVE-2019-11833	Use of Uninitialized Resource vulnerability in multiple products fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. local low complexity linux fedoraproject debian canonical redhat CWE-908	5.5
2019-05-03	CVE-2019-3805	Improper Privilege Management vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. local high complexity redhat CWE-269	4.7
2019-04-23	CVE-2019-2695	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle redhat	6.5
2019-04-23	CVE-2019-2694	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle redhat	6.5
2019-04-23	CVE-2019-2693	Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). network low complexity oracle redhat	6.5